package com.leil.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http
			.authorizeRequests()
			.antMatchers("/css/**", "/index").permitAll()
			.antMatchers("/user/**").hasRole("USER")
//			.antMatchers("/blogs/**").hasRole("USER")
			.and()
			.formLogin().loginPage("/login").failureUrl("/login-error")
			.and()
			.exceptionHandling().accessDeniedPage("/401");
		// 登出
		http.logout().logoutSuccessUrl("/");
	}
	
	/**
	 * 在内存中初始化存储用户信息
	 */
//	@Bean
//	public UserDetailsService userDetailsService() {
//		InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
//		// 在内存中存放用户信息
//		manager.createUser(User.withUsername("leil").password("123456").roles("USER").build());
//		manager.createUser(User.withUsername("admin").password("123456").roles("ADMIN").build());
//		return manager;
//	}
	
	
	/**
	 * 从数据库中初始化用户信息及权限信息
	 */
	
//	@Autowired
//	UserDetailsService userDetailsService;
//	
//	@Autowired
//	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//		auth.userDetailsService(userDetailsService);
//	}
	
	
	@Autowired
	UserDetailsService userDetailsService;

	@Autowired
	public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//		auth
//			.inMemoryAuthentication()
//				.withUser("forezp").password("123456").roles("USER")
// ;
		//auth.userDetailsService(userDetailsService());
		auth.userDetailsService(userDetailsService);
	}
	
	
	
	
}
